An SQL-injection security hole has been found in multibyte
	    encoding processing. An SQL-injection security hole can include a
	    situation whereby when inserting user supplied data into a
	    database, the user might inject his own SQL statements that the
	    server will execute. With regards to this vulnerability discovered,
	    when character set unaware escaping is used (e.g., addslashes() in
	    PHP), it is possible to bypass it in some multibyte character sets
	    (e.g., SJIS, BIG5 and GBK). As a result, a function like
	    addslashes() is not able to prevent SQL injection attacks. It is
	    impossible to fix this on the server side. The best solution is for
	    applications to use character set aware escaping offered in a
	    function like mysql_real_escape().
	  Workarounds:
	    One can use NO_BACKSLASH_ESCAPES mode as a workaround for a bug
	      in mysql_real_escape_string(), if you cannot upgrade your server
	      for some reason. It will enable SQL standard compatibility mode,
	      where backslash is not considered a special character.